Tom Brewster reports: A prolific hacker gang that has breached numerous companies by exploiting Adobe software has claimed another major hit in the form of car manufacturer Citroën, the Guardian has learned. Citroën had one of its German websites hacked to include a backdoor, which is a method of bypassing normal authentication systems, and which…
Category: Subcontractor
PA: Point Park University notifies employees of possible data breach
Justine Coyne reports employees at a Pittsburgh university are being notified after a package containing payroll reports from the university’s payroll vendor, Ceridian, arrived with the reports missing from the package: Point Park University on Wednesday alerted employees to a potential data breach involving names, home addresses, Social Security numbers and other information. The potential…
Assisted Living Concepts notifying over 43,000 employees after hack of payroll database at vendor’s (update3)
Chicago-based Assisted Living Concepts, LLC and its subsidiaries own and/or operate 200 assisted living facilities in 20 states. ALC uses an external vendor to process its payroll for its employees. On February 14, the vendor notified ALC that they had detected unauthorized access to ALC’s payroll database. Investigation revealed that ALC’s login credentials had been…
EMC notifying some employees after vendor error disclosed their names and SSNs to unauthorized parties
EMC is notifying employees after an unnamed vendor’s employee mistakenly sent out an Excel file with their personal information to parties not authorized to have their personal information. The error, which occurred on January 7, occurred because a quick glance at the file did not reveal the hidden fields containing their names, SSN, and old…
OR: Office landlord fined after trashing mortgage records in course of eviction
Eliot Njus reports: The owners of a Northeast Portland office building have been fined after a state regulator said its cleaning service threw 30 boxes of mortgage records into an unlocked trash bin while evicting a mortgage company. The Oregon Department of Consumer and Business Services has ordered 122nd Group LLC to pay $5,000 for failing to…
An update regarding your REDcard and the data breach
Ken Hess, a Target customer, received an update letter about the Target breach which he posted in its entirety on ZDNet. There is really nothing particularly new in the letter, other than Target says they (still) have no evidence of any misuse of their branded RED cards and only a “low amount” of misuse of…